Header Only - DO NOT REMOVE - Extreme Networks

Network Login 802.1x user VLAN(s) "unknown" on 460 G2 switch with EAC


Userlevel 1
Hi All

Does anyone know why my Radius authenticated users has an unknown VLAN in the switch logs? It does not happen this way on a G1.

Network Login 802.1x user host/justsomebloke logged in MAC F0:C7:19:5E:26:C9 port x:x VLAN(s) "<unknown>", authentication Radius


Thanks

7 replies

Userlevel 7
Because it's justsomebloke and not a real user...... or because the configuration is different on the devices.

Does the RADIUS provide the VLAN ID and if that is the case is the configuration on the RADIUS the same for both devices - same rule action - check the RADIUS log.
Userlevel 1
Ron wrote:

Because it's justsomebloke and not a real user...... or because the configuration is different on the devices.

Does the RADIUS provide the VLAN ID and if that is the case is the configuration on the RADIUS the same for both devices - same rule action - check the RADIUS log.

It is the same radius server and the same EAC engine. The only difference is the switch type.
Userlevel 1
Ron wrote:

Because it's justsomebloke and not a real user...... or because the configuration is different on the devices.

Does the RADIUS provide the VLAN ID and if that is the case is the configuration on the RADIUS the same for both devices - same rule action - check the RADIUS log.

Also it is a real user.
Userlevel 1
It's a real user, i just put that in there as i don't want usernames on the net.
Userlevel 7
OK so Extreme Control is also included - how about the switch settings in Control - are they the same for the switches in the Policy/VLAN column...

Userlevel 1
Yep Extreme Policy is set for both.
Userlevel 6
If the vlan attribute is returned as a policy you will see unknown vlan in the switch log. As the switch only sees a policy being returned and not a Vlan VSA. the vlan is applied by policy and not by login.
Userlevel 6
addition to Oscar's point
https://gtacknowledge.extremenetworks.com/articles/Q_A/show-log-display-VLANs-unknown

Reply